Vulnerability in ssh shipped by kde.debian.net?

To: debian-kde@lists.debian.org
Cc: wichert@wiggy.net
Subject: Vulnerability in ssh shipped by kde.debian.net?
From: Rainer Dorsch <rainer.dorsch@informatik.uni-stuttgart.de>
Date: Thu, 06 Dec 2001 09:25:21 +0100
Message-id: <[🔎] E16BtqM-0002KC-00@rai21>
Reply-to: rainer.dorsch@informatik.uni-stuttgart.de

Hello,

kde.debian.net ships kde packages for potato systems

deb http://kde.debian.net potato main crypto optional 
deb ftp://kde.debian.net/pub/kde potato main crypto optional


I think they are very popular amonst Debian stable users. I just found this 
morning (Wicherts security alert on openssh did not trigger an update!), that 
in optional of the above deb lines there is ssh 1:2.3.0p1-0.11.

Is this a patched version or is it a huge security risk for users of 
kde.debian.net?

If this is a problem, due to the popularity of the apt-lines, I would even 
suggest to send a security alert on the debian security mailing list.

Thanks.

Rainer.


-- 
Rainer Dorsch
Abt. Rechnerarchitektur  e-mail:rainer.dorsch@informatik.uni-stuttgart.de
Uni Stuttgart            Tel.: +49-711-7816-215 / Fax: +49-711-7816-288
Breitwiesenstr. 20-22    D-70565 Stuttgart
http://www.ra.informatik.uni-stuttgart.de/~rainer/


-- 
Rainer Dorsch
Abt. Rechnerarchitektur  e-mail:rainer.dorsch@informatik.uni-stuttgart.de
Uni Stuttgart            Tel.: +49-711-7816-215 / Fax: +49-711-7816-288
Breitwiesenstr. 20-22    D-70565 Stuttgart
http://www.ra.informatik.uni-stuttgart.de/~rainer/

Reply to:

Follow-Ups:
- Re: Vulnerability in ssh shipped by kde.debian.net?
  - From: Wichert Akkerman <wichert@wiggy.net>

Prev by Date: Re: problem with konqueror 2.2.2-5 and javascript button
Next by Date: Re: Vulnerability in ssh shipped by kde.debian.net?
Previous by thread: Bug#122533: Euro trouble
Next by thread: Re: Vulnerability in ssh shipped by kde.debian.net?
Index(es):
- Date
- Thread